A look at the Rust programming language after 12 years, evolving from side project to robust ecosystem, as developers praise its security, ease, and performance
Rust makes it impossible to introduce some of the most common security vulnerabilities. And its adoption can't come soon enough. Tweets: @nathanielmott Tweets: Nathaniel Mott / @nathanielmott : You s...
Google researchers detail “Half-Double”, a new Rowhammer attack technique they say will be difficult to mitigate as future generations of DRAM chips get smaller
A full fix for the “Half-Double” technique will require rethinking how memory semiconductors are designed. Tweets: @ucsdjacobs , @gadgetlab , and @wired Tweets: UCSD Engineering / @ucsdjacobs : As chi...
A look at Facebook's “Red Team X”, an internal hacking team founded in 2020, which probes 3rd-party tech Facebook uses for hardware and software vulnerabilities
Lily Hay Newman / Wired : Tweets: @johnjhacking , @gadgetlab , @lilyhnewman , and @ajxchapman Tweets: John Jackson / @johnjhacking : Jealous. This is what I need to be doing for a living. https://www...
A look at Facebook's “Red Team X”, an internal hacking team founded in 2020, which probes 3rd-party tech Facebook uses for hardware and software vulnerabilities
The internal hacking team has spent the last year looking for vulnerabilities in the products the company uses … Tweets: @johnjhacking , @gadgetlab , @lilyhnewman , and @jenmartinez Tweets: John Jacks...
Profile of Maddie Stone, who leads Google's Project Zero team that studies and neuters actively exploited Android malware
The Project Zero reverse engineer shuts down some of the world's most dangerous exploits—along with antiquated hacker stereotypes. — EVEN WITH A knee injury, Maddie Stone is formidable. Tweets: @how...
Election tech giant ES&S and security firm Synack partner to let security professionals, vetted by Synack, conduct penetration testing on some ES&S products
Lily Hay Newman / Wired : Tweets: @synack , @weems , @lilyhnewman , and @caseyjohnellis Tweets: @synack : “By throwing [@essvote's new model of electronic poll book] to the wolves, ES&S can learn abo...
Researchers discuss ShinyHunters, a hacking group that is hawking what it claims is ~200M stolen records on the dark web since May 1 from at least 13 companies
Lily Hay Newman / Wired : Tweets: @teachemtechy and @lilyhnewman Tweets: Techy / @teachemtechy : I was featured giving some commentary on ShinyHunters, who is following a similar playbook to gnosticp...
Researchers: Zoom sometimes uses encryption keys issued by servers in China, uses a flawed encryption method, and hence is not suited to communicate secrets
but it can be fixed Stephen Warwick / iMore : Today on Zoom: ‘Not suited for secrets’, encryption issues and more Mercury News : Zoombombing: FBI warns video calls are getting hijacked Tweets: Glenn F...
Amber Authenticate is a new tool built on Ethereum that generates hashes of a video and records them on a public blockchain to protect it from deepfakes
VIDEO HAS BECOME an increasingly crucial tool for law enforcement, whether it comes from security cameras, police-worn body cameras, a bystander's smartphone, or another source. Tweets: @laurengoode T...
Study shows 3,695 of Alexa's top 100,000 sites in mobile browsers access motion and light sensor data without asking user permission
Lily Hay Newman / Wired : Tweets: @lilyhnewman and @chumunculus Tweets: Lily Hay Newman / @lilyhnewman : there's no uniform system for requiring web apps to ask permission before accessing a slew of ...